JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 18.230.205.0

18.230.205.0 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 15%: ?

15%

ISP	Amazon Data Services Brazil
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16509
Hostname(s)	ec2-18-230-205-0.sa-east-1.compute.amazonaws.com
Domain Name	amazon.com
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 18.230.205.0

Whois 18.230.205.0

IP Abuse Reports for 18.230.205.0:

This IP address has been reported a total of 19 times from 10 distinct sources. 18.230.205.0 was first reported on January 31st 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-06-13 08:36:52 (1 day ago)	Excessive 404/403 errors	Brute-Force
🇺🇸 TPI-Abuse	2026-06-13 07:18:56 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 18.230.205.0 (ec2-18-230-205-0.sa-east-1.comput ... show more (mod_security) mod_security (id:210492) triggered by 18.230.205.0 (ec2-18-230-205-0.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 03:18:48.481694 2026] [security2:error] [pid 14029:tid 14037] [client 18.230.205.0:38018] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "attorneylouisiana.com"] [uri "/.git/config"] [unique_id "ai0EWFBjuPPOkaDNatoEggAAAsQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 22:38:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 18.230.205.0 (ec2-18-230-205-0.sa-east-1.comput ... show more (mod_security) mod_security (id:210492) triggered by 18.230.205.0 (ec2-18-230-205-0.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 17:38:45.572219 2025] [security2:error] [pid 7935:tid 7935] [client 18.230.205.0:34770] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nbcnewsradio.indie100.com"] [uri "/.git/config"] [unique_id "aSt19SEGtYXEnJwD2SAa_AAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 22:10:15 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 18.230.205.0 (ec2-18-230-205-0.sa-east-1.comput ... show more (mod_security) mod_security (id:210492) triggered by 18.230.205.0 (ec2-18-230-205-0.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 17:10:08.418091 2025] [security2:error] [pid 28604:tid 28630] [client 18.230.205.0:44562] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.nativeamericantimeline.philacentric.com"] [uri "/.git/config"] [unique_id "aStvQMPcN538HVFRN4kuagAAAFE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-29 16:40:39 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 18.230.205.0 (ec2-18-230-205-0.sa-east-1.comput ... show more (mod_security) mod_security (id:210492) triggered by 18.230.205.0 (ec2-18-230-205-0.sa-east-1.compute.amazonaws.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 29 11:40:32.073006 2025] [security2:error] [pid 3758:tid 3758] [client 18.230.205.0:34618] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.naijafruit.com.awani-partners.com"] [uri "/.git/config"] [unique_id "aSsiAEclEkJFl9JmjP6XXAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2025-11-29 14:05:47 (6 months ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇨🇳 ThreatBook.io	2025-02-01 22:38:31 (1 year ago)	ThreatBook Intelligence: Edu,Zombie more details on https://threatbook.io/ip/18.230.205.0 2025-02-01 ... show more ThreatBook Intelligence: Edu,Zombie more details on https://threatbook.io/ip/18.230.205.0 2025-02-01 00:08:52 /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts 2025-02-01 00:08:58 /config.json 2025-02-01 00:08:42 / 2025-02-01 00:08:54 /.json 2025-02-01 00:08:55 /api/geojson?url=file:///etc/hosts 2025-02-01 00:08:51 / 2025-02-01 00:08:53 /.DS_Store 2025-02-01 00:08:57 /server-status 2025-02-01 00:08:59 /.env 2025-02-01 00:09:00 /info.php show less	Web App Attack
🇨🇳 ThreatBook.io	2025-01-31 22:40:44 (1 year ago)	ThreatBook Intelligence: Edu,Zombie more details on https://threatbook.io/ip/18.230.205.0 2025-01-31 ... show more ThreatBook Intelligence: Edu,Zombie more details on https://threatbook.io/ip/18.230.205.0 2025-01-31 21:45:42 /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts 2025-01-31 21:45:43 /.DS_Store 2025-01-31 21:45:40 / 2025-01-31 21:45:48 /config.json 2025-01-31 21:45:41 / 2025-01-31 21:45:44 /info.php 2025-01-31 21:45:44 /.env 2025-01-31 21:45:46 /api/geojson?url=file:///etc/hosts 2025-01-31 21:45:47 /server-status 2025-01-31 21:45:45 /.json show less	Web App Attack
🇺🇸 MPL	2025-01-31 17:49:02 (1 year ago)	tcp/8080	Port Scan
🇺🇸 MPL	2025-01-31 17:49:02 (1 year ago)	tcp/8080	Port Scan
🇺🇸 RAP	2025-01-31 17:15:23 (1 year ago)	2025-01-31 17:15:23 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇳🇱 Study Bitcoin 🤗	2025-01-31 16:56:19 (1 year ago)	Port probe to tcp/8080 (http) [srv128]	Port Scan Bad Web Bot Web App Attack
🇳🇱 Study Bitcoin 🤗	2025-01-31 16:38:52 (1 year ago)	Port probe to tcp/8080 (http) [srv126]	Port Scan Bad Web Bot Web App Attack
🇺🇸 RAP	2025-01-31 15:57:54 (1 year ago)	2025-01-31 15:57:54 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 MPL	2025-01-31 15:55:27 (1 year ago)	tcp/8080 (5 or more attempts)	Port Scan

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 104.28.214.113

🇨🇦 54.39.6.137

🇺🇸 32.196.233.17

🇨🇳 223.151.249.172

🇳🇱 195.178.110.30

🇩🇪 192.109.200.204

🇦🇷 190.181.101.213

🇳🇱 176.65.148.206

🇺🇸 165.154.36.71

🇨🇳 115.190.14.210

🇺🇸 104.28.166.120

🇮🇳 103.225.132.99

🇵🇰 103.84.56.209

🇨🇦 85.217.149.53

🇮🇳 74.224.96.228

🇺🇸 68.183.63.167

🇵🇰 58.65.130.58

🇨🇦 51.222.95.131

🇨🇦 51.161.65.192

🇩🇪 45.135.195.139